aspose file tools
The moose likes JDBC and the fly likes PreparedStatement's with Oracle 8i.... Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of Arduino in Action this week in the General Computing forum!

A special promo: Enter your blog post or vote on a blogger to be featured in an upcoming Journal
JavaRanch » Java Forums » Databases » JDBC
Reply Bookmark "PreparedStatement Watch "PreparedStatement New topic
Author

PreparedStatement's with Oracle 8i....

SAFROLE YUTANI
Ranch Hand

Joined: Jul 06, 2001
Posts: 257
posted
0
Quote
I noticed that there is no need to escape special characters such as "'" when using PreparedStatements. In other words, the following code executes without error...
PreparedStatment st =
connection.prepareStatement( "INSERT INTO Product values ( ?,?)");
st.setInt( 1, 1);
st.setString( 2, "Hello ' World");
st.execute();
I'm assuming that the Oracle driver is aware of escaping special characters in string arguments, but I know for a fact that if I use Statement instead of PreparedStatement, I get an SQLException complaining about a string termination error.
I just want to confirm with you guys that PreparesStatement actually escapes strings automatically.
SAF
Jamie Robertson
Ranch Hand

Joined: Jul 09, 2001
Posts: 1879

I like...
MySQL Database Suse
posted private message
0
Quote
That's the best feature of PreparedStatements, they handle special characters for you. Your assumptions are correct.
Jamie
SAFROLE YUTANI
Ranch Hand

Joined: Jul 06, 2001
Posts: 257
posted
0
Quote
oh yeah, that's the bomb!
thanks jamie
SAF
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: PreparedStatement's with Oracle 8i....
 
Similar Threads
XSD type: CDATA
Sting "\" in my code
Storing special characters(') into oracle
Is there any limit on the length of Strings...
INSERT statement